The evolution of malware

The Cisco 2018 Annual Cybersecurity Report revealed that the evolution of malware was one of the most important developments in the attack landscape in 2017.

Attackers are taking malware to new levels of sophistication and impact, with increasing variety. Malware can be used for financial gain or, in some cases, for the sole purpose of destroying systems and data.

WannaCry made its first appearance in May 2017 when it spread across the Internet, taking advantage of a Microsoft Windows security vulnerability. Those behind the attack earned more than US$143,000 through bitcoin payments.

In June 2017, Nyetya, also known as NotPetya, was deployed through a software update system for a tax software package. This package was used by more than 80% of companies in Ukraine and installed on more than one million computers. More than 2,000 Ukrainian companies were affected and the cyber attack spread across the world.

Malware used to be distributed in three ways: by download, email or physical media, such as a USB stick. For malware to be distributed and devices infected, there needed to be some sort of human interaction. However, the new vectors being employed by attackers mean there is no longer any need for human interaction to launch a network-based ransomware campaign.

According to Cisco threat researchers, WannaCry and Nyetya are only a taste of what’s to come. Malware has the potential to bring down the Internet, so defenders should prepare.

If more organisations had prepared basic security best practices, WannaCry and Nyetya could have been prevented, or at least had a much smaller impact.

ISO 27001 certification demonstrates that your company is following information security best practice. It provides an independent, expert verification that your organisation’s information security is managed in line with international best practice and business objectives.